Home  >  CVE-2002-0329
CVE Details for CVE: CVE-2002-0329
Summary
Cross-site scripting vulnerability in Snitz Forums 2000 3.3.03 and earlier allows remote attackers to execute arbitrary script as other Forums 2000 users via Javascript in an IMG tag.
Timestamps
Last major update 18-10-2016 - 02:19
Published 25-06-2002 - 04:00
Last modified 18-10-2016 - 02:19
References
Vulnerable Configurations
  • cpe:2.3:a:snitz_communications:snitz_forums_2000:3.2.03:*:*:*:*:*:*:*
    cpe:2.3:a:snitz_communications:snitz_forums_2000:3.2.03:*:*:*:*:*:*:*
  • cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3:*:*:*:*:*:*:*
    cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3:*:*:*:*:*:*:*
  • cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.01:*:*:*:*:*:*:*
    cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.01:*:*:*:*:*:*:*
  • cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.02:*:*:*:*:*:*:*
    cpe:2.3:a:snitz_communications:snitz_forums_2000:3.3.02:*:*:*:*:*:*:*
  • cpe:2.3:a:snitz_communications:snitz_forums_2000:3.0:*:*:*:*:*:*:*
    cpe:2.3:a:snitz_communications:snitz_forums_2000:3.0:*:*:*:*:*:*:*
  • cpe:2.3:a:snitz_communications:snitz_forums_2000:3.1:sr4:*:*:*:*:*:*
    cpe:2.3:a:snitz_communications:snitz_forums_2000:3.1:sr4:*:*:*:*:*:*
CAPEC
Click the CAPEC title to display a description
CWE
NVD-CWE-Other
CVSS
Base
7.5
Impact
6.4
Exploitability
10.0
Access
VectorComplexityAuthentication
NETWORK LOW NONE
Impact
ConfidentialityIntegrityAvailability
PARTIAL PARTIAL PARTIAL
CVSS3
None
VIA4 references
cvss-vector via4
AV:N/AC:L/Au:N/C:P/I:P/A:P
refmap via4
bid 4192
bugtraq
  • 20020227 RE: Open Bulletin Board javascript bug.
  • 20020227 Snitz 2000 Code Patch (was RE: Open Bulletin Board javascript bug.)
cert-vn VU#132011
confirm http://forum.snitz.com/forum/link.asp?TOPIC_ID=23660
xf snitz-img-css(8309)